Slashdot Mirror

← Back to Stories (view on slashdot.org)

Verizon's Aggressive New Spam Filter Causing Problems

Posted by ryuzaki0 on from the annoyances-and-other-corporate-bothers dept.

aviancarrier writes "Verizon DSL has turned on a very aggressive spam filter that is blocking lots of long-time legitimate emails. Emails get bounced with an error: 'XX@verizon.net: host relay.verizon.net[206.46.232.11] said: 550 Email from your Email Service Provider is currently blocked by Verizon Online's anti-spam system. The email "sender" or Email Service Provider may visit http://www.verizon.net/whitelist and request removal of the block.' That whitelist web page lets you request one address at a time to be whitelisted with no guarantee for their response time to process it. I have tested multiple email sources and only one got through. As a VZ customer, I just spent 28 minutes on a call to tech support, eventually got a supervisor who knows nothing about the new spam feature, and would only agree to email a manager who doesn't work weekends about it. I warned her that VZ has a public relations problem but she was too clueless to understand." Many users have submitted this problem so it seems to be a pretty far reaching problem. There is also a discussion going on over at Google about this problem.

22 of 311 comments (clear)

  1. There seems to be some mixup... by winkydink · · Score: 4, Interesting

    I went to the referenced URL and it sure looks to me like, using the
    ISP form, you can request multiple domains and multiple IP addrs in a
    single request.

    Also, the discussion over at Google currently has a whopping 6 entries.

    Much ado about nothing?

    --

    "I'd rather be a lightning rod than a seismometer." -Ken Kesey

    1. Re:There seems to be some mixup... by winkydink · · Score: 3, Informative

      Perhaps the "we" that decided to run the story could have devoted a bit more time writing or editing the article synopsis? Perhaps even make it factually correct wrt to the ability to whitelist multiple domains/ip addrs with a single request (which the summary says must be done one by each)?

      --

      "I'd rather be a lightning rod than a seismometer." -Ken Kesey

    2. Re:There seems to be some mixup... by ModExec · · Score: 5, Informative

      As a Verizon DSL custmoer, I can attest to there being a problem. For the past 18 months, Verizon has refused to pass along listserv messages forward to my verizon.net inbox from my university email account. Emails from individuals that are addressed to my univeristy made it through the spam filters fine. But emails from my university's listserver were blocked. All of them.

      I called Verizon about it in January after I realized it was happening. I suspected it had been going on since I got my DSL service, but at the time just assumed that I had been unsubscribed from all of my school's listservs (because of some crazy mix up regarding my academic year, my switch from an undergrad to a law student, etc. Don't ask...). Verizon opened an Operation Control Services (OSC) ticket to look into the matter. After four months of investigating, dozens of calls, hours of talking to tech no-support, and five OSC tickets later, the matter still is not resolved.

      During the time we were diagnosing the problem, OSC asked for the error code that my university received whenever it tried to forward messages. My college's IT department told me that they received an error 450 for every message: "Deferred: 450 Requested mail action not taken-Try later:sv11pub.verizon.net (from relay.verizon.net [206.46.232.11])." According to OSC, this meant that the Verizon mail server could not verify that the listserv messages being forwarded actually originated from the listserver domain. Given my school's list server set up, this makes perfect sense; users on the listserv may send an email to the server's listening account, which takes messages and creates a new message to blast the original message to all the listserv's recipients. The intermediate listening account seemed to be a legitimate way to relay messages to recipients.

      Apparently, that didn't fly with the Verizon servers. OSC engineers thoroughly explained the problem in my account's notes, "Sender cannot be verified, which is the cause of their mail issue. NOTE: 451 ... Requested mail action not taken: mailbox unavailable. Whitelisting will not help. They will need to correct the config on their mail server." This made no sense to me, to my school's IT department, and even to the Verizon tech who tried to interpret the notes. Apparently, what these notes meant to say was the university's servers did not comply with some sort of internet standards for mail routing. Despite there being a legitimate use for the messages, Verizon would not create an exception in the hallowed standard to accomodate the forwarded messages. Verizon's OSC recommended that I tell my school's IT department that it was their servers that did not comply with the standard -- that if they wanted Verizon to accept their forwards, they needed to reconfigure their listservers. This was incredible. For what it was worth, I relayed this to my school's IT department. Not surprizingly, they have made no changes. Why fix what works with 99.9% of the ISPs out there? Whoever said Verizon was using brute force tactics to do business has hit the nail right on the head.

      But this is not the only problem at Verizon. One month ago, they had to suspend their entire "Block Senders" database because it got so large that the Verizon server couldn't process the messages through it. As I understand it, the database caused a number of hiccups, blocking hundreds of legitimate messages and letting through as many or more spam messages. To this day, Verizon has not reintstated users' "block senders" email option.

      This is not to mention the fact that Verizon is notorious for not following up with its customers. Over the four months that I tried to get a resolution, only once did I ever receive a call from a member of the supervisor escalation group, informing me of any "progress." In an effort to keep myself in the loop, I would call the verizon tech no-support department, only to find that that my OSC ticket had been closed without notice and without resolu

  2. 28 minutes? by Jordan+Catalano · · Score: 5, Interesting

    Here's a trick for Verizon Online phone service: Call up, listen to menu items, then say -nothing-. Don't ask for an operator, don't enter in your phone number: just chill for about two minutes while the prompts repeat. In under three minutes, you'll be transfered to a live operator.

    1. Re:28 minutes? by gEvil+(beta) · · Score: 4, Informative

      Bookmark this page. It will be your best friend.

      --
      This guy's the limit!
    2. Re:28 minutes? by LMacG · · Score: 4, Insightful
      [Full disclosure for the following comment -- I program voice response systems for a living. However, I only implement what they force me to, and sometimes that sucks.]

      From that page:

      We will soon publish a list of the best and worst mass-market consumer companies in the US based on how long it takes to get to a human on the phone and on the quality of support received.


      That's very nice, but it doesn't seem like a very intelligent way to measure customer service. As a trivial example, suppose you want to know your credit card balance. A decently programmed voice response system can give you that information quickly and clearly, and in much less time than it would take to get the same data from a human. If you're lucky, the IVR won't even try to sell you something that you don't need.

      Yes, I know that there are times when the available pre-programmed options are not useful and speaking to a representative is the only option. But do you want to have to wait in queue for an agent who has to handle ninety-twelve "what is my balance?" calls before it's your turn? Now ask yourself why the call centers are being outsourced to overseas providers ...

      This "I only will deal with a human" attitude is pointless. Better to demand that corporations fix their IVR systems, because they're not going away. (And maybe I'll get hired to write more VUI specs instead of having to implement what 'the business' thinks it wants.)
      --
      Slightly disreputable, albeit gregarious
  3. Obviously... by terrahertz · · Score: 5, Funny

    ...you need to power-cycle your DSL modem, disconnect everything but a single ethernet cable from your modem to your PC, reboot your PC, count to 30 while hopping on one foot, and say the alphabet backwards first before anyone at Verizon will turn on their brains and acknowledge they have a problem. Plus...28 minutes on the phone?? Pffft. You don't get the "real" tech support until they keep you on the line for at least 60 minutes.

    Don't you know how they troubleshoot already?

    --
    Slashdot? Oh, I just read it for the articles.
    1. Re:Obviously... by IAmTheDave · · Score: 4, Funny

      "Sir... Sir... I'm going to have to ask you to find your Start Button."
      "I have OSX"
      "Sir... I understand, but I need to walk you through this. Please locate your Start button."
      "You don't understand - I'm on a Mac, I don't have a Start button."
      "Sir... You're not making this any easier. Once we go through this we can identify your issue."
      "Actually, my issue is that my cable modem arrived without a power supply."

      - Actual conversation I had with tech support. Long live tech support. Long live tech support scripts.

      --
      Excuse my speling.
      Making The Bar Project
  4. Verizon have been jerks for quite awhile by Abalamahalamatandra · · Score: 4, Interesting

    I ran a bulk-sending system (legitimate!) to email Frontier Airline's frequent flyer members, and Verizon was the biggest single problem getting mail through. I don't think I ever did get them to accept our runs at all.

    The big thing they already had in place was that they want to connect back on port 25 to the sending system AND make sure it responds initially with the same name it's using to send mail out. Not a bad thing overall, I suppose, but I can see how it would block quite a few messages from providers that use separate sending servers from their receiving servers. I finally had to set up SMTPFWDD on both outgoing servers to accept connections and silently drop any emails they get, that helped, but I think they still rate-limited heavily.

    I'd say if you depend on getting your email, Verizon's not a good ISP to use.

  5. Now thats rich. by The+Cisco+Kid · · Score: 4, Interesting

    Verizon is a spam sewer itself.

    http://www.spamhaus.org/sbl/listings.lasso?isp=ver izon.net

  6. I think that's a different job by Minwee · · Score: 5, Insightful
    "I warned [a tech support supervisor] that VZ has a public relations problem but she was too clueless to understand."

    Having worked in tech support for a large company, I can assure you that the position of supervisor for a tech support call centre really doesn't have nearly as much influence on coprorate public relations as you seem to think that it has.

    Most of the people in her position would be surprised to find out that any one from the head office even knows that they exist, let alone cares about what they do or asks their opinion on issues like PR. It's normal to be annoyed when a company like Verizon screws up like this, but lashing out at the tech support staff just because they're the easist people to reach really doesn't help anybody.

    1. Re:I think that's a different job by CaptCovert · · Score: 3, Insightful

      It's much easier to cause a problem than to solve one. Sure, you could start a 'PR Nightmare' in a low-paying customer-facing position, but you're not empowered in the slightest to actually solve them. It's not as if the 'supervisor' in a tech support centre has the authority or influence to actually change anything, especially in a company as large as Verizon. Just as important to PR as sales? Not really. Sales (executives in the larger companies) get to actually change PR. Tech support merely tows the line....

    2. Re:I think that's a different job by Anonymous Coward · · Score: 3, Interesting

      Most of the people in her position are, in fact, employed by an outsourced call center - likely either in Canada or in Dallas/Ft. Worth; At best, they are the people who managed to make people /feel/ /better/ (not necessarily solve the problem) and get them to hang up quickly - over a period of nine months to a year, and are then bumped to a level II tech.

      I worked at one of these outsourcers. Most of the intelligent & ethical tech pros there were diligently finding other employment as fast as they could. I interviewed for a position /at verizon/ and when the offer letter turned up, told them "No, I have ethics" - after they illegally told several of my co-workers that they could not be hired because of a non-existent no-hire agreement, and they all took other job offers, at lower rates. Not to mention the European "spam blackhole" which ate everything from Europe, period - no explanations and the whitelisting process never actually worked.

      The upshot is: The tech you talk to on the phone has few or no options for actually solving your problems, it is actually contrary to his job interest to invest time in solving your problems, and the supervisors also have no power and are the ones most proficient in convincing people quickly that there is no problem, no jabba yo wadda.

      And I have little option but to remain Anonymous Coward - Verizon & the outsourcers have really dim views of people being critical of their lack of ethics.

  7. Update on the blocking by aviancarrier · · Score: 5, Interesting

    Sometime this morning two of my email addresses got whitelisted and could get through again to Verizon Online. Earlier in the morning I received form emails from Verizon's whitelist group saying they have attempted to contact the blocked company/domain.

    Regarding the person who accused me of being a spammer: No. Just a husband trying to email my wife's VZ account.

    Regarding the "lashing" out at the customer service supervisor: I was trying to get her to help her own company out. The fact that she was not told anything about a new level of spam filtering nor had (she claims) a way to contact a manager on a weekend about a PR problem may be a standard problem for that level of supervisor, but I wanted to give her a way to be a hero internally and stop a PR problem from getting worse.

  8. Messages in bottles. by Kadin2048 · · Score: 4, Interesting

    Seems like it.

    I used to send all my email out of my own mailserver, out of my home firewall/router/"box-in-a-closet" machine.

    Recently -- like within the last six months or so, I've noticed an alarming number of domains that aren't receiving my emails. And no, I haven't been blackholed or otherwise put on anyone's shit list, nor am I running an open relay. The mailserver is perfectly well-behaved, standards compliant, and only relays from within my home LAN.

    I also don't mass-mail or do any other sort of sketchy activity, I just always liked having my own mailserver and never having to worry about when my ISPs (or Google's, or my web hosting providers') was going to flake out on me. But it's becoming nearly impractical to do. I'm never sure if an email that I sent out has actually gotten through, or if it's just been silently eaten by some spam filter somewhere.

    The worst offender that I've found so far is Comcast; I haven't been able to get any messages through at all to Comcast subscribers, and they don't provide back any sort of acknowledgment that a message has been blocked. Every time I send anything to them, it's firing a shot into the darkness.

    I hate spam as much as anybody else (probably more than some); I'm in favor of using some of those Federal "computer crimes" laws -- the ones that have harsher penalties for electronically violating a system than if you walked in and stole it in person -- against spammers. See what 20 years of pound-me-in-the-ass prison followed by another 10 or 15 of no-computer probation (and consequent unemployment) does for their attitude. Or there are the always popular vigilante death squads, I could find a warm place in my heart for them, too. Either of those would be preferable to the current patchwork system of blacklists, whitelists, greylists, RBLs, and unilateral policies on the part of ISPs that break up the nature of the network.

    Sending an email shouldn't be like tossing a message in a bottle into the ocean, but that's how it's getting to be with some ISPs.

    --
    "Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
    1. Re:Messages in bottles. by nuzak · · Score: 4, Insightful

      > I used to send all my email out of my own mailserver, out of my home firewall/router/"box-in-a-closet" machine.

      > The worst offender that I've found so far is Comcast;

      Sorry, but you're sending email from a residential IP with a rdns of something like "dsl-123-234-12-56.dyn.myisp.net" and you're calling comcast the offender?

      The days of running your own mail server on a residential account are over -- blame the thousands of zombie spammers on your /16 alone. Sorry that it's come to residential accounts being treated like second class citizens, but we gave this class of account YEARS to clean up its act, and it's only gotten worse.

      You can get mail hosting for like five bucks a month. It's the cost of spam. Deal with it, because we sure as hell are.

      Signed,
      the world's mail administrators

      --
      Done with slashdot, done with nerds, getting a life.
    2. Re:Messages in bottles. by dekemoose · · Score: 4, Informative

      A large number of mail providers arbitrarily block any mail originating from net blocks identified as being used by "consumer" ISP's for dynamically assigned IP addresses. It's kind of lame, but also very effective at stopping large amounts of spam. Use your ISP's mail server as a smart host, or (if you don't trust the clue level of your ISP) one of the many SMTP relay services out there, I believe DynDns does one.

  9. that's sort of a ridiculous attitude by bunions · · Score: 5, Insightful

    Saying a phone line tech support manager is bad at her job because she can't do anything about an engineering 'feature' in under two days is impossibly naive.

    --
    there is no need to sign your posts. this isn't usenet. your username is right there above your post. stop it.
  10. Are you in the right? by Just+Some+Guy · · Score: 5, Informative
    My company implemented my blocking methods and saw an instant reduction in spam from a deluge to a tiny trickle. The three most effective filters are:

    1. Requiring HELO,
    2. Rejecting non-FQDN HELO strings ("foo.bar" will get you in, but "myleetmailserver" won't), and
    3. Rejecting HELO strings that blatantly lie (you're not "localhost" or my public IP address, no matter how many times you ask).

    More and more ISPs are starting to implement the same compliance checks. Would any of these reject your system's mail? Several of our customers had misconfigured outbound servers and we helped them fix their systems. We were only early adopters, though; if we hadn't caught the problem then a major ISP or five would have started rejecting their email without being so helpful.

    Maybe VZ is in the right this time. Are you sure they're not?

    --
    Dewey, what part of this looks like authorities should be involved?
  11. Not that simple. by khasim · · Score: 3, Insightful
    Sorry, but the guy you replied to is doing nothing wrong and is going out of his way to make sure his server plays nice?
    It isn't about doing something "wrong".

    It's the fact that there is nothing to distinguish his email server from any of the hundreds (thousands?) of zombies on that same network.

    In cases such as this, the best solution is for the home user to over-comply. And that means learning about relaying and getting a relay account on a server that does not look like a zombie.
    And you accuse him (or her) of being an idiot and tell him it's all his fault anyway?
    This is not about anyone being an idiot.

    This is about making it as easy as possible for the other competent email admins to see that you are not a zombie.

    The more concessions you expect from all of them, the more problems you'll face.
    1. Re:Not that simple. by (negative+video) · · Score: 4, Insightful
      The more concessions you expect from all of them, the more problems you'll face.
      The complaint here was that certain ISPs are saying "Thank you, esteemed peer, for sending this valuable message which we will now deliver." when what they really mean is "Bugger off, spammy scum. Your message? Ha! We spit in the general direction of your message, which we will delete as soon as we finish wiping our ass with it." The behavior is singularly unhelpful.
  12. Pesky Supervisors! by Anonymous Coward · · Score: 3, Informative
    Error "550" has a couple of causes. The cause that you're experiencing is what is called a "whitelisting issue". Unfortunately, Tech Support has nothing to do with this process. Its entirely managed by the Verizon Anti-spam team. You can access and fill out a form at www.verizon.net/whitelist.

    I've spent a fair amount of time tracking down the error that you're looking at. Its primarily caused by 2 things. Your server sends Verizon spam or its misconfigured.

    1. Your server is a known open relay or has otherwise been responsible for sending spam to the Verizon network.

    2. Your server is misconfigured. An improperly configured webserver will cause this problem every time. VOL, when receiving an email from a web server, attempts to check the validity and credentials of the sender on the originating SMTP server. If your server fails to respond with an appropriate timeframe or responds incorrectly, your server will be immediately placed on the "black list"

    I'd like to note that Verizon has had this (exact same) anti-spam procedure in place for almost a year and a half. I'm still going to say this is "much ado about nothing".

    Unfortunately, I probably shouldn't attach my name to this one. I'll post this AC and see if anyone cares to mod up the reason why you're receiving this error.

    AC